Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/b85cdd-ba4a-458e-a7a8-1e122838a111/1/PBQVQhaFrONoLxYdMQ2ScmzfsJc.mft
File: PBQVQhaFrONoLxYdMQ2ScmzfsJc.mft (raw, json)
Hash identifier: 0ICFQ6KqBj/JPoffJQ4pwJxslylCgRTW+SyOjQyo3PM=
Subject key identifier: 32:D9:08:47:37:8F:76:EC:F6:77:1D:55:75:71:41:A2:0C:1F:38:32
Authority key identifier: 3C:14:15:42:16:85:AC:E3:68:2F:16:1D:31:0D:92:72:6C:DF:B0:97
Certificate issuer: /CN=3c1415421685ace3682f161d310d92726cdfb097
Certificate serial: 019923A02B31FA941077FBE9F1B29A7F91A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PBQVQhaFrONoLxYdMQ2ScmzfsJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/b85cdd-ba4a-458e-a7a8-1e122838a111/1/PBQVQhaFrONoLxYdMQ2ScmzfsJc.mft
Manifest number: 166E
Signing time: Sun 07 Sep 2025 10:02:03 +0000
Manifest this update: Sun 07 Sep 2025 10:02:03 +0000
Manifest next update: Mon 08 Sep 2025 10:02:03 +0000
Files and hashes: 1: PBQVQhaFrONoLxYdMQ2ScmzfsJc.crl (hash: xYD/KmXnKpbXAcJFOh9CL4yV89bvcdnllSR+wffYi+k=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/76/b85cdd-ba4a-458e-a7a8-1e122838a111/1/PBQVQhaFrONoLxYdMQ2ScmzfsJc.crl
rsync://rpki.ripe.net/repository/DEFAULT/76/b85cdd-ba4a-458e-a7a8-1e122838a111/1/PBQVQhaFrONoLxYdMQ2ScmzfsJc.mft
rsync://rpki.ripe.net/repository/DEFAULT/PBQVQhaFrONoLxYdMQ2ScmzfsJc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 07:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:23:a0:2b:31:fa:94:10:77:fb:e9:f1:b2:9a:7f:91:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3c1415421685ace3682f161d310d92726cdfb097
Validity
Not Before: Sep 7 10:02:03 2025 GMT
Not After : Sep 8 10:02:03 2025 GMT
Subject: CN=32d90847378f76ecf6771d55757141a20c1f3832
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:49:e3:61:4c:24:f9:4e:82:7f:84:b3:21:13:
11:77:f6:d1:b6:5b:f7:d8:37:ea:0b:a8:d9:54:43:
a6:2b:00:85:78:6d:e4:d4:ae:86:bb:5d:ad:bf:18:
5f:e9:30:81:42:63:98:91:57:04:a3:61:02:d8:70:
2c:ce:4b:13:0a:c8:38:bc:84:c0:24:65:e5:af:52:
c5:cf:e0:48:37:23:8a:f6:31:ca:87:f8:84:24:6d:
35:96:4f:27:90:0c:31:b6:04:f3:66:e3:6b:2e:f1:
eb:d3:18:37:1a:87:ac:cf:ac:17:0f:26:88:67:9d:
ba:bb:b5:fd:1c:d9:a3:c8:7e:ad:82:cf:4e:bb:2f:
ce:3d:f7:2a:3b:71:1e:e3:2e:6c:9a:e5:85:72:47:
ed:bc:2d:04:db:a5:93:15:c2:ad:57:62:5f:85:c0:
03:65:e2:8d:48:c5:24:a5:ee:c3:04:d9:f6:59:2c:
cf:b1:16:fe:9f:6e:3c:45:15:d2:10:e6:34:4d:77:
b7:20:52:ff:d5:0c:d0:85:18:1b:8e:dd:b4:2b:f9:
41:c5:0a:61:ff:52:64:0f:2c:9b:b1:22:64:00:7c:
00:77:65:eb:97:93:2f:e4:a1:87:5b:a4:81:ea:2a:
92:4e:e5:a6:0c:1e:d2:01:4a:2e:6c:d9:14:77:12:
d7:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:D9:08:47:37:8F:76:EC:F6:77:1D:55:75:71:41:A2:0C:1F:38:32
X509v3 Authority Key Identifier:
keyid:3C:14:15:42:16:85:AC:E3:68:2F:16:1D:31:0D:92:72:6C:DF:B0:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PBQVQhaFrONoLxYdMQ2ScmzfsJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/b85cdd-ba4a-458e-a7a8-1e122838a111/1/PBQVQhaFrONoLxYdMQ2ScmzfsJc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/b85cdd-ba4a-458e-a7a8-1e122838a111/1/PBQVQhaFrONoLxYdMQ2ScmzfsJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
21:e6:b3:91:c5:0e:d9:76:8a:fa:33:00:25:9f:01:b2:2e:4e:
8b:f9:7e:2f:0e:02:e2:8a:4b:9c:89:ce:57:18:98:97:61:37:
d6:cb:ea:8b:9f:45:4e:b5:74:85:91:e2:94:18:35:54:7a:30:
c9:69:49:f7:fa:6a:c8:0f:3b:0e:0f:bf:cf:a5:89:b8:c5:cc:
3d:fd:45:c2:db:07:ad:52:cd:40:f8:2e:a6:7d:b4:00:92:b9:
4d:0f:7d:5d:59:6b:12:2b:c6:5f:6c:b7:5c:8b:be:43:58:a3:
4a:75:31:51:98:c9:64:c9:86:85:56:be:ef:5b:27:0d:48:b5:
eb:f1:c4:21:6f:92:ce:d7:d8:0f:01:04:a2:dd:a2:ba:01:17:
86:87:02:35:d0:1c:c8:4c:5b:fc:02:9a:69:72:35:15:90:6c:
26:19:52:2a:f0:fc:84:f2:51:c7:0a:d9:45:1f:56:59:54:e3:
be:2f:77:4d:6e:9f:51:d5:36:f4:2d:20:e6:7d:bf:42:e1:f4:
e2:b3:9d:bd:f1:e4:54:1c:70:49:59:fe:3c:b3:eb:81:91:c6:
40:95:06:5d:41:ad:60:a8:07:67:ee:2a:b3:c4:b1:08:93:9a:
5e:9e:13:5c:86:c4:d6:33:63:32:a4:3c:4c:bc:46:ec:9e:0b:
e1:e3:95:00
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkjoCsx+pQQd/vp8bKaf5GgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjMTQxNTQyMTY4NWFjZTM2ODJmMTYxZDMxMGQ5MjcyNmNk
ZmIwOTcwHhcNMjUwOTA3MTAwMjAzWhcNMjUwOTA4MTAwMjAzWjAzMTEwLwYDVQQD
EygzMmQ5MDg0NzM3OGY3NmVjZjY3NzFkNTU3NTcxNDFhMjBjMWYzODMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiUnjYUwk+U6Cf4SzIRMRd/bRtlv3
2DfqC6jZVEOmKwCFeG3k1K6Gu12tvxhf6TCBQmOYkVcEo2EC2HAszksTCsg4vITA
JGXlr1LFz+BINyOK9jHKh/iEJG01lk8nkAwxtgTzZuNrLvHr0xg3Goesz6wXDyaI
Z526u7X9HNmjyH6tgs9Ouy/OPfcqO3Ee4y5smuWFckftvC0E26WTFcKtV2JfhcAD
ZeKNSMUkpe7DBNn2WSzPsRb+n248RRXSEOY0TXe3IFL/1QzQhRgbjt20K/lBxQph
/1JkDyybsSJkAHwAd2Xrl5Mv5KGHW6SB6iqSTuWmDB7SAUoubNkUdxLX7wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFDLZCEc3j3bs9ncdVXVxQaIMHzgyMB8GA1UdIwQY
MBaAFDwUFUIWhazjaC8WHTENknJs37CXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUEJRVlFoYUZyT05vTHhZZE1RMlNjbXpmc0pjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni9iODVjZGQtYmE0YS00NThlLWE3YTgt
MWUxMjI4MzhhMTExLzEvUEJRVlFoYUZyT05vTHhZZE1RMlNjbXpmc0pjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni9iODVjZGQtYmE0YS00NThlLWE3YTgtMWUxMjI4MzhhMTEx
LzEvUEJRVlFoYUZyT05vTHhZZE1RMlNjbXpmc0pjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAIeazkcUO
2XaK+jMAJZ8Bsi5Oi/l+Lw4C4opLnInOVxiYl2E31svqi59FTrV0hZHilBg1VHow
yWlJ9/pqyA87Dg+/z6WJuMXMPf1FwtsHrVLNQPgupn20AJK5TQ99XVlrEivGX2y3
XIu+Q1ijSnUxUZjJZMmGhVa+71snDUi16/HEIW+SztfYDwEEot2iugEXhocCNdAc
yExb/AKaaXI1FZBsJhlSKvD8hPJRxwrZRR9WWVTjvi93TW6fUdU29C0g5n2/QuH0
4rOdvfHkVBxwSVn+PLPrgZHGQJUGXUGtYKgHZ+4qs8SxCJOaXp4TXIbE1jNjMqQ8
TLxG7J4L4eOVAA==
-----END CERTIFICATE-----
Generated at Sun Sep 7 14:47:40 2025 by rpki-client